Alerts This Week
Warning Icon 1 535
Alerts This Week
Warning Icon 1 535

Stay Secure with the Latest Linux Advisories

Fedora Large Esm H800
Fedora

Fedora 43 hplip Major Update Addressing Possible Arbitrary Code Execution

Calendar White Jun 02, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 Important Kernel Security Advisory ELSA-2026-21706

Calendar White Jun 02, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 httpd Important Denial of Service Vuln ELSA-2026-22140

Calendar White Jun 02, 2026
Important
Oracle Large Esm H800
Oracle

Oracle Linux 8 ELSA-2026-22315 compat-openssl10 Moderate DoS Fix

Calendar White Jun 02, 2026
moderate
Oracle Large Esm H900
Oracle

Oracle Linux 8 gnutls Important Buffer Overflow Auth Bypass ELSA-2026-20611

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS nginx Security Advisory for Critical DoS Vulnerabilities

Calendar White Jun 03, 2026
Critical
Ubuntu Large Esm H800
Ubuntu

Ubuntu 20.04 LTS MySQL Important Security Issues USN-8363-2

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS GStreamer Base Significant DoS Attack Vulnerability Alert

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS python-pip Moderate DoS Regression Fix USN-8344-3

Calendar White Jun 03, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 0 articles for you...
200
Ls Advisories Scientific Esm H240
Price Tag 1security advisorymoderatememory corruption

SciLinux: SLSA-2016:0491-1 Moderate: Foomatic Memory Issues and Threats

Moderate: foomatic security update. Date: Wed, 23 Mar 2016 16:29:52 -0000 Reply-To: scientific-linux-users@ Sender: Security Errata for Scientific Linux From: Pat Riehecky Subject: Security ERRATA Moderate: foomatic on SL6.x i386/x86_64 MIME-Version: 1.0 Message-ID: Synopsis: Moderate: foomatic security update Advisory ID: SLSA-2016:0491-1 Issue Date: 2016-03-23 CVE Numbers: CVE-2010-5325 CVE-2015-8327 CVE-2015-8560 -- It was discovered that the unhtmlify() function of foomatic-rip did not correctly calculate buffer sizes, possibly leading to a heap-based memory corruption. A malicious attacker could exploit this flaw to cause foomatic-rip to crash or, possibly, execute arbitrary code. (CVE-2010-5325) It was discovered that foomatic-rip failed to remove all shell special characters from inputs used to construct command lines for external programs run by the filter. An attacker could possibly use this flaw to execute arbitrary commands. (CVE-2015-8327, CVE-2015-8560) -- SL6 x86_64 foomatic-4.0.4-5.el6_7.x86_64.rpm foomatic-debuginfo-4.0.4-5.el6_7.x86_64.rpm i386 foomatic-4.0.4-5.el6_7.i686.rpm foomatic-debuginfo-4.0.4-5.el6_7.i686.rpm - Scientific Linux Development Team . A balanced foomatic patch enhances safety by tackling memory overflow and command execution vulnerabilities successfully.. Foomatic Security Update, Memory Corruption, Command Injection, SL6. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Mar 23, 2016 Important Scientific Linux
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorysecurity updateRed Hat

Red Hat 6: RHSA-2016:0491-01 Moderate: Foomatic Memory Corruption

An updated foomatic package that fixes three security issues is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: foomatic security update Advisory ID: RHSA-2016:0491-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2016:0491.html Issue date: 2016-03-22 CVE Names: CVE-2010-5325 CVE-2015-8327 CVE-2015-8560 ==================================================================== 1. Summary: An updated foomatic package that fixes three security issues is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 3. Description: Foomatic is a comprehensive, spooler-independent database of printers, printer drivers, and driver descriptions. The package also includes spooler-independent command line interfaces to manipulate queues and to print files and manipulate print jobs. It was discovered that the unhtmlify() function of foomatic-rip did not correctly calculate buffer sizes, possibly leading to a heap-based memory corruption. A malicious attacker could exploit this flaw to cause foomatic-rip to crash or, possibly, execute arbitrary code. (CVE-2010-5325) It was discovered that foomatic-rip failed to remove all shellspecial characters from inputs used to construct command lines for external programs run by the filter. An attacker could possibly use this flaw to execute arbitrary commands. (CVE-2015-8327, CVE-2015-8560) All foomatic users should upgrade to this updated package, which contains backported patches to correct these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1218297 - CVE-2010-5325 foomatic: potential remote arbitrary code execution 1287523 - CVE-2015-8327 cups-filters: foomatic-rip did not consider the back tick as an illegal shell escape character 1291227 - CVE-2015-8560 cups-filters: foomatic-rip did not consider semicolon as illegal shell escape character 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: foomatic-4.0.4-5.el6_7.src.rpm i386: foomatic-4.0.4-5.el6_7.i686.rpm foomatic-debuginfo-4.0.4-5.el6_7.i686.rpm x86_64: foomatic-4.0.4-5.el6_7.x86_64.rpm foomatic-debuginfo-4.0.4-5.el6_7.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: foomatic-4.0.4-5.el6_7.src.rpm x86_64: foomatic-4.0.4-5.el6_7.x86_64.rpm foomatic-debuginfo-4.0.4-5.el6_7.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: foomatic-4.0.4-5.el6_7.src.rpm i386: foomatic-4.0.4-5.el6_7.i686.rpm foomatic-debuginfo-4.0.4-5.el6_7.i686.rpm ppc64: foomatic-4.0.4-5.el6_7.ppc64.rpm foomatic-debuginfo-4.0.4-5.el6_7.ppc64.rpm s390x: foomatic-4.0.4-5.el6_7.s390x.rpm foomatic-debuginfo-4.0.4-5.el6_7.s390x.rpm x86_64: foomatic-4.0.4-5.el6_7.x86_64.rpm foomatic-debuginfo-4.0.4-5.el6_7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: foomatic-4.0.4-5.el6_7.src.rpm i386: foomatic-4.0.4-5.el6_7.i686.rpm foomatic-debuginfo-4.0.4-5.el6_7.i686.rpm x86_64: foomatic-4.0.4-5.el6_7.x86_64.rpm foomatic-debuginfo-4.0.4-5.el6_7.x86_64.rpm These packages are GPG signed byRed Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2010-5325 https://access.redhat.com/security/cve/CVE-2015-8327 https://access.redhat.com/security/cve/CVE-2015-8560 https://access.redhat.com/security/updates/classification#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFW8bgMXlSAg2UNWIIRAku0AKCD+H9IbvXBMQdriz4yycBJ0Cz+/ACfRvzc kzYt9xNP3vTqE/45NtLzP+0=xtkT -----END PGP SIGNATURE----- -- Enterprise-watch-list mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Canonical has released an urgent security patch for cups targeting two vulnerabilities rated as moderate risk. Users are encouraged to apply the update.. Red Hat, Foomatic Update, Security Patch. . LinuxSecurity.com Team

Calendar 2 Mar 22, 2016 Red Hat
Banner 3 1028x280 1708121785 1771599793
200
Ls Advisories Scientific Esm H240
Price Tag 1security advisorymoderateupdate

Scientific Linux: Foomatic Moderate Input Sanitization Issue CVE-2011-2697

Moderate: foomatic security update. Date: Tue, 2 Aug 2011 11:10:22 -0500 Reply-To: Troy Dawson Sender: Security Errata for Scientific Linux From: Troy Dawson Subject: Security ERRATA Moderate: foomatic on SL4.x, SL5.x i386/x86_64 Comments: To: "This email address is being protected from spambots. You need JavaScript enabled to view it." MIME-Version: 1.0 Synopsis: Moderate: foomatic security update Issue Date: 2011-08-01 CVE Numbers: CVE-2011-2697 Foomatic is a comprehensive, spooler-independent database of printers, printer drivers, and driver descriptions. The package also includes spooler-independent command line interfaces to manipulate queues and to print files and manipulate print jobs. foomatic-rip is a print filter written in Perl. An input sanitization flaw was found in the foomatic-rip print filter. An attacker could submit a print job with the username, title, or job options set to appear as a command line option that caused the filter to use a specified PostScript printer description (PPD) file, rather than the administrator-set one. This could lead to arbitrary code execution with the privileges of the "lp" user. (CVE-2011-2697) All foomatic users should upgrade to this updated package, which contains a backported patch to resolve this issue. SL4: i386 foomatic-3.0.2-3.2.el4.i386.rpm x86_64 foomatic-3.0.2-3.2.el4.x86_64.rpm SL5: i386 foomatic-3.0.2-38.3.el5_7.1.i386.rpm x86_64 foomatic-3.0.2-38.3.el5_7.1.x86_64.rpm - Scientific Linux Development Team . A moderate foomatic update addresses input sanitization flaws, preventing potential code execution issues within Scientific Linux.. foomatic security update, Scientific Linux advisory, input sanitization flaw. . LinuxSecurity.com Team

Calendar 2 Aug 02, 2011 Scientific Linux
200
Ls Advisories Scientific Esm H240
Price Tag 1security advisorysecurity updatearbitrary code execution

Scientific Linux SL 6.x Foomatic Moderate Input Sanitization Threat CVE-2011-2964

Moderate: foomatic security update. Date: Tue, 2 Aug 2011 10:15:27 -0500 Reply-To: Troy Dawson Sender: Security Errata for Scientific Linux From: Troy Dawson Subject: FASTBUGS for SL 6.x i386/x86_64 Comments: To: "This email address is being protected from spambots. You need JavaScript enabled to view it." MIME-Version: 1.0 The following FASTBUGS have been uploaded to We realized this is alot of fastbugs. They had been building up from the time that Update 1 was released, until we released SL 6.1. i386: 389-ds-base-1.2.8.2-1.el6_1.3.i686.rpm 389-ds-base-devel-1.2.8.2-1.el6_1.3.i686.rpm 389-ds-base-libs-1.2.8.2-1.el6_1.3.i686.rpm acl-2.2.49-5.el6.i686.rpm cjkuni-fonts-common-0.2.20080216.1-35.el6.noarch.rpm cjkuni-fonts-ghostscript-0.2.20080216.1-35.el6.noarch.rpm cjkuni-ukai-fonts-0.2.20080216.1-35.el6.noarch.rpm cjkuni-uming-fonts-0.2.20080216.1-35.el6.noarch.rpm clusterlib-3.0.12-41.el6_1.1.i686.rpm clusterlib-devel-3.0.12-41.el6_1.1.i686.rpm cman-3.0.12-41.el6_1.1.i686.rpm corosync-1.2.3-21.el6_0.2.i686.rpm corosynclib-1.2.3-21.el6_0.2.i686.rpm corosynclib-devel-1.2.3-21.el6_0.2.i686.rpm crontabs-1.10-33.el6.noarch.rpm cryptsetup-luks-1.2.0-3.el6_1.2.i686.rpm cryptsetup-luks-devel-1.2.0-3.el6_1.2.i686.rpm cryptsetup-luks-libs-1.2.0-3.el6_1.2.i686.rpm dump-0.4-0.6.b42.el6.i686.rpm file-5.04-9.el6.i686.rpm file-devel-5.04-9.el6.i686.rpm file-libs-5.04-9.el6.i686.rpm file-static-5.04-9.el6.i686.rpm filesystem-2.4.30-3.el6.i686.rpm gfs2-utils-3.0.12-41.el6_1.1.i686.rpm ghostscript-8.70-11.el6_1.2.i686.rpm ghostscript-devel-8.70-11.el6_1.2.i686.rpm ghostscript-doc-8.70-11.el6_1.2.i686.rpm ghostscript-gtk-8.70-11.el6_1.2.i686.rpm gpm-1.20.6-12.el6.i686.rpm gpm-devel-1.20.6-12.el6.i686.rpm gpm-libs-1.20.6-12.el6.i686.rpm gpm-static-1.20.6-12.el6.i686.rpm graphviz-2.26.0-7.el6.i686.rpm graphviz-devel-2.26.0-7.el6.i686.rpm graphviz-doc-2.26.0-7.el6.i686.rpm graphviz-gd-2.26.0-7.el6.i686.rpm graphviz-graphs-2.26.0-7.el6.i686.rpm graphviz-guile-2.26.0-7.el6.i686.rpm graphviz-java-2.26.0-7.el6.i686.rpm graphviz-lua-2.26.0-7.el6.i686.rpm graphviz-perl-2.26.0-7.el6.i686.rpm graphviz-php-2.26.0-7.el6.i686.rpm graphviz-python-2.26.0-7.el6.i686.rpm graphviz-ruby-2.26.0-7.el6.i686.rpm graphviz-tcl-2.26.0-7.el6.i686.rpm guile-1.8.7-5.el6.i686.rpm guile-devel-1.8.7-5.el6.i686.rpm ipa-admintools-2.0.0-23.el6_1.1.i686.rpm ipa-client-2.0.0-23.el6_1.1.i686.rpm ipa-python-2.0.0-23.el6_1.1.i686.rpm ipa-server-2.0.0-23.el6_1.1.i686.rpm ipa-server-selinux-2.0.0-23.el6_1.1.i686.rpm iwl5000-firmware-8.83.5.1_1-1.el6_1.1.noarch.rpm jwhois-4.0-19.el6.i686.rpm kernel-2.6.32-131.4.1.el6.i686.rpm kernel-debug-2.6.32-131.4.1.el6.i686.rpm kernel-debug-devel-2.6.32-131.4.1.el6.i686.rpm kernel-devel-2.6.32-131.4.1.el6.i686.rpm kernel-doc-2.6.32-131.4.1.el6.noarch.rpm kernel-firmware-2.6.32-131.4.1.el6.noarch.rpm kernel-headers-2.6.32-131.4.1.el6.i686.rpm libacl-2.2.49-5.el6.i686.rpm libacl-devel-2.2.49-5.el6.i686.rpm libgcrypt-1.4.5-5.el6_1.1.i686.rpm libgcrypt-1.4.5-5.el6_1.2.i686.rpm libgcrypt-devel-1.4.5-5.el6_1.1.i686.rpm libgcrypt-devel-1.4.5-5.el6_1.2.i686.rpm lldpad-0.9.41-4.el6_1.4.i686.rpm lldpad-devel-0.9.41-4.el6_1.4.i686.rpm m17n-contrib-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-assamese-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-bengali-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-chinese-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-czech-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-esperanto-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-gujarati-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-hindi-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-kannada-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-kashmiri-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-maithili-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-malayalam-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-marathi-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-nepali-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-oriya-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-pashto-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-punjabi-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-russian-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-sindhi-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-sinhala-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-tai-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-tamil-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-telugu-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-urdu-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-vietnamese-1.1.10-4.el6_1.1.noarch.rpm m17n-lib-1.5.5-2.el6_1.1.i686.rpm m17n-lib-devel-1.5.5-2.el6_1.1.i686.rpm man-pages-ja-20100115-5.el6.noarch.rpm minizip-1.2.3-26.el6.i686.rpm minizip-devel-1.2.3-26.el6.i686.rpm nmap-5.21-4.el6.i686.rpm nmap-frontend-5.21-4.el6.noarch.rpm nss_db-2.2.3-0.3.pre1.el6_1.1.i686.rpm openssh-5.3p1-52.el6_1.2.i686.rpm openssh-askpass-5.3p1-52.el6_1.2.i686.rpm openssh-clients-5.3p1-52.el6_1.2.i686.rpm openssh-ldap-5.3p1-52.el6_1.2.i686.rpm openssh-server-5.3p1-52.el6_1.2.i686.rpm openssl-1.0.0-10.el6_1.4.i686.rpm openssl-devel-1.0.0-10.el6_1.4.i686.rpm openssl-perl-1.0.0-10.el6_1.4.i686.rpm openssl-static-1.0.0-10.el6_1.4.i686.rpm openswan-2.6.32-4.el6_1.1.i686.rpm openswan-doc-2.6.32-4.el6_1.1.i686.rpm ovirt-node-tools-1.9.3-28.1.el6.noarch.rpm pam_ssh_agent_auth-0.9-52.el6_1.2.i686.rpm perf-2.6.32-131.4.1.el6.i686.rpm perl-NetAddr-IP-4.027-7.el6.i686.rpm perl-Test-Spelling-0.11-7.el6.noarch.rpm pinentry-0.7.6-6.el6.i686.rpm pinentry-gtk-0.7.6-6.el6.i686.rpm pinentry-qt-0.7.6-6.el6.i686.rpm pinentry-qt4-0.7.6-6.el6.i686.rpm python-magic-5.04-9.el6.i686.rpm python-psycopg2-2.0.13-2.el6_1.1.i686.rpm python-psycopg2-doc-2.0.13-2.el6_1.1.i686.rpm python-qpid-qmf-0.10-10.el6.i686.rpm python-rhsm-0.95.14-1.el6_1.noarch.rpm qpid-cpp-client-0.10-6.el6.i686.rpm qpid-cpp-client-devel-0.10-6.el6.i686.rpm qpid-cpp-client-devel-docs-0.10-6.el6.noarch.rpm qpid-cpp-client-rdma-0.10-6.el6.i686.rpm qpid-cpp-client-ssl-0.10-6.el6.i686.rpm qpid-cpp-server-0.10-6.el6.i686.rpm qpid-cpp-server-cluster-0.10-6.el6.i686.rpm qpid-cpp-server-devel-0.10-6.el6.i686.rpm qpid-cpp-server-rdma-0.10-6.el6.i686.rpm qpid-cpp-server-ssl-0.10-6.el6.i686.rpm qpid-cpp-server-store-0.10-6.el6.i686.rpm qpid-cpp-server-xml-0.10-6.el6.i686.rpm qpid-qmf-0.10-10.el6.i686.rpm qpid-qmf-devel-0.10-10.el6.i686.rpm qpid-tools-0.10-5.el6.noarch.rpm rgmanager-3.0.12-11.el6_1.1.i686.rpm rh-qpid-cpp-tests-0.10-6.el6.i686.rpm rmt-0.4-0.6.b42.el6.i686.rpm rsyslog-4.6.2-3.el6_1.1.i686.rpm rsyslog-gnutls-4.6.2-3.el6_1.1.i686.rpm rsyslog-gssapi-4.6.2-3.el6_1.1.i686.rpm rsyslog-mysql-4.6.2-3.el6_1.1.i686.rpm rsyslog-pgsql-4.6.2-3.el6_1.1.i686.rpm rsyslog-relp-4.6.2-3.el6_1.1.i686.rpm ruby-qpid-qmf-0.10-10.el6.i686.rpm sssd-1.5.1-34.el6_1.1.i686.rpm sssd-1.5.1-34.el6_1.2.i686.rpm sssd-client-1.5.1-34.el6_1.1.i686.rpm sssd-client-1.5.1-34.el6_1.2.i686.rpm sssd-tools-1.5.1-34.el6_1.1.i686.rpm sssd-tools-1.5.1-34.el6_1.2.i686.rpm star-1.5-11.el6.i686.rpm subscription-manager-0.95.14-1.el6_1.i686.rpm subscription-manager-0.95.17-1.el6_1.i686.rpm subscription-manager-firstboot-0.95.14-1.el6_1.i686.rpm subscription-manager-firstboot-0.95.17-1.el6_1.i686.rpm subscription-manager-gnome-0.95.14-1.el6_1.i686.rpm subscription-manager-gnome-0.95.17-1.el6_1.i686.rpm swig-1.3.40-6.el6.i686.rpm swig-doc-1.3.40-6.el6.noarch.rpm telnet-0.17-47.el6.i686.rpm telnet-server-0.17-47.el6.i686.rpm which-2.19-6.el6.i686.rpm yum-rhn-plugin-0.9.1-26.el6_1.1.noarch.rpm zlib-1.2.3-26.el6.i686.rpm zlib-devel-1.2.3-26.el6.i686.rpm zlib-static-1.2.3-26.el6.i686.rpm x86_64: 389-ds-base-1.2.8.2-1.el6_1.3.x86_64.rpm 389-ds-base-devel-1.2.8.2-1.el6_1.3.x86_64.rpm 389-ds-base-libs-1.2.8.2-1.el6_1.3.x86_64.rpm acl-2.2.49-5.el6.x86_64.rpm cjkuni-fonts-common-0.2.20080216.1-35.el6.noarch.rpm cjkuni-fonts-ghostscript-0.2.20080216.1-35.el6.noarch.rpm cjkuni-ukai-fonts-0.2.20080216.1-35.el6.noarch.rpm cjkuni-uming-fonts-0.2.20080216.1-35.el6.noarch.rpm clusterlib-3.0.12-41.el6_1.1.i686.rpm clusterlib-3.0.12-41.el6_1.1.x86_64.rpm clusterlib-devel-3.0.12-41.el6_1.1.i686.rpm clusterlib-devel-3.0.12-41.el6_1.1.x86_64.rpm cman-3.0.12-41.el6_1.1.x86_64.rpm corosync-1.2.3-21.el6_0.2.x86_64.rpm corosynclib-1.2.3-21.el6_0.2.i686.rpm corosynclib-1.2.3-21.el6_0.2.x86_64.rpm corosynclib-devel-1.2.3-21.el6_0.2.x86_64.rpm crontabs-1.10-33.el6.noarch.rpm cryptsetup-luks-1.2.0-3.el6_1.2.x86_64.rpm cryptsetup-luks-devel-1.2.0-3.el6_1.2.i686.rpm cryptsetup-luks-devel-1.2.0-3.el6_1.2.x86_64.rpm cryptsetup-luks-libs-1.2.0-3.el6_1.2.i686.rpm cryptsetup-luks-libs-1.2.0-3.el6_1.2.x86_64.rpm dump-0.4-0.6.b42.el6.x86_64.rpm file-5.04-9.el6.x86_64.rpm file-devel-5.04-9.el6.i686.rpm file-devel-5.04-9.el6.x86_64.rpm file-libs-5.04-9.el6.i686.rpm file-libs-5.04-9.el6.x86_64.rpm file-static-5.04-9.el6.x86_64.rpm filesystem-2.4.30-3.el6.x86_64.rpm gfs2-utils-3.0.12-41.el6_1.1.x86_64.rpm ghostscript-8.70-11.el6_1.2.i686.rpm ghostscript-8.70-11.el6_1.2.x86_64.rpm ghostscript-devel-8.70-11.el6_1.2.i686.rpm ghostscript-devel-8.70-11.el6_1.2.x86_64.rpm ghostscript-doc-8.70-11.el6_1.2.x86_64.rpm ghostscript-gtk-8.70-11.el6_1.2.x86_64.rpm gpm-1.20.6-12.el6.x86_64.rpm gpm-devel-1.20.6-12.el6.i686.rpm gpm-devel-1.20.6-12.el6.x86_64.rpm gpm-libs-1.20.6-12.el6.i686.rpm gpm-libs-1.20.6-12.el6.x86_64.rpm gpm-static-1.20.6-12.el6.x86_64.rpm graphviz-2.26.0-7.el6.i686.rpm graphviz-2.26.0-7.el6.x86_64.rpm graphviz-devel-2.26.0-7.el6.i686.rpm graphviz-devel-2.26.0-7.el6.x86_64.rpm graphviz-doc-2.26.0-7.el6.x86_64.rpm graphviz-gd-2.26.0-7.el6.i686.rpm graphviz-gd-2.26.0-7.el6.x86_64.rpm graphviz-graphs-2.26.0-7.el6.x86_64.rpm graphviz-guile-2.26.0-7.el6.x86_64.rpm graphviz-java-2.26.0-7.el6.x86_64.rpm graphviz-lua-2.26.0-7.el6.x86_64.rpm graphviz-perl-2.26.0-7.el6.x86_64.rpm graphviz-php-2.26.0-7.el6.x86_64.rpm graphviz-python-2.26.0-7.el6.x86_64.rpm graphviz-ruby-2.26.0-7.el6.x86_64.rpm graphviz-tcl-2.26.0-7.el6.x86_64.rpm guile-1.8.7-5.el6.i686.rpm guile-1.8.7-5.el6.x86_64.rpm guile-devel-1.8.7-5.el6.i686.rpm guile-devel-1.8.7-5.el6.x86_64.rpm ipa-admintools-2.0.0-23.el6_1.1.x86_64.rpm ipa-client-2.0.0-23.el6_1.1.x86_64.rpm ipa-python-2.0.0-23.el6_1.1.x86_64.rpm ipa-server-2.0.0-23.el6_1.1.x86_64.rpm ipa-server-selinux-2.0.0-23.el6_1.1.x86_64.rpm iwl5000-firmware-8.83.5.1_1-1.el6_1.1.noarch.rpm jwhois-4.0-19.el6.x86_64.rpm kernel-2.6.32-131.4.1.el6.x86_64.rpm kernel-debug-2.6.32-131.4.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-131.4.1.el6.x86_64.rpm kernel-devel-2.6.32-131.4.1.el6.x86_64.rpm kernel-doc-2.6.32-131.4.1.el6.noarch.rpm kernel-firmware-2.6.32-131.4.1.el6.noarch.rpm kernel-headers-2.6.32-131.4.1.el6.x86_64.rpm libacl-2.2.49-5.el6.i686.rpm libacl-2.2.49-5.el6.x86_64.rpm libacl-devel-2.2.49-5.el6.i686.rpm libacl-devel-2.2.49-5.el6.x86_64.rpm libgcrypt-1.4.5-5.el6_1.1.i686.rpm libgcrypt-1.4.5-5.el6_1.1.x86_64.rpm libgcrypt-1.4.5-5.el6_1.2.i686.rpm libgcrypt-1.4.5-5.el6_1.2.x86_64.rpm libgcrypt-devel-1.4.5-5.el6_1.1.i686.rpm libgcrypt-devel-1.4.5-5.el6_1.1.x86_64.rpm libgcrypt-devel-1.4.5-5.el6_1.2.i686.rpm libgcrypt-devel-1.4.5-5.el6_1.2.x86_64.rpm lldpad-0.9.41-4.el6_1.4.x86_64.rpm lldpad-devel-0.9.41-4.el6_1.4.i686.rpm lldpad-devel-0.9.41-4.el6_1.4.x86_64.rpm m17n-contrib-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-assamese-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-bengali-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-chinese-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-czech-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-esperanto-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-gujarati-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-hindi-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-kannada-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-kashmiri-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-maithili-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-malayalam-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-marathi-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-nepali-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-oriya-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-pashto-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-punjabi-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-russian-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-sindhi-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-sinhala-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-tai-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-tamil-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-telugu-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-urdu-1.1.10-4.el6_1.1.noarch.rpm m17n-contrib-vietnamese-1.1.10-4.el6_1.1.noarch.rpm m17n-lib-1.5.5-2.el6_1.1.i686.rpm m17n-lib-1.5.5-2.el6_1.1.x86_64.rpm m17n-lib-devel-1.5.5-2.el6_1.1.i686.rpm m17n-lib-devel-1.5.5-2.el6_1.1.x86_64.rpm man-pages-ja-20100115-5.el6.noarch.rpm minizip-1.2.3-26.el6.i686.rpm minizip-1.2.3-26.el6.x86_64.rpm minizip-devel-1.2.3-26.el6.i686.rpm minizip-devel-1.2.3-26.el6.x86_64.rpm nmap-5.21-4.el6.x86_64.rpm nmap-frontend-5.21-4.el6.noarch.rpm nss_db-2.2.3-0.3.pre1.el6_1.1.i686.rpm nss_db-2.2.3-0.3.pre1.el6_1.1.x86_64.rpm openssh-5.3p1-52.el6_1.2.x86_64.rpm openssh-askpass-5.3p1-52.el6_1.2.x86_64.rpm openssh-clients-5.3p1-52.el6_1.2.x86_64.rpm openssh-ldap-5.3p1-52.el6_1.2.x86_64.rpm openssh-server-5.3p1-52.el6_1.2.x86_64.rpm openssl-1.0.0-10.el6_1.4.i686.rpm openssl-1.0.0-10.el6_1.4.x86_64.rpm openssl-devel-1.0.0-10.el6_1.4.i686.rpm openssl-devel-1.0.0-10.el6_1.4.x86_64.rpm openssl-perl-1.0.0-10.el6_1.4.x86_64.rpm openssl-static-1.0.0-10.el6_1.4.x86_64.rpm openswan-2.6.32-4.el6_1.1.x86_64.rpm openswan-doc-2.6.32-4.el6_1.1.x86_64.rpm ovirt-node-1.9.3-28.1.el6.x86_64.rpm ovirt-node-tools-1.9.3-28.1.el6.noarch.rpm pam_ssh_agent_auth-0.9-52.el6_1.2.i686.rpm pam_ssh_agent_auth-0.9-52.el6_1.2.x86_64.rpm perf-2.6.32-131.4.1.el6.x86_64.rpm perl-NetAddr-IP-4.027-7.el6.x86_64.rpm perl-Test-Spelling-0.11-7.el6.noarch.rpm pinentry-0.7.6-6.el6.x86_64.rpm pinentry-gtk-0.7.6-6.el6.x86_64.rpm pinentry-qt-0.7.6-6.el6.x86_64.rpm pinentry-qt4-0.7.6-6.el6.x86_64.rpm python-magic-5.04-9.el6.x86_64.rpm python-psycopg2-2.0.13-2.el6_1.1.x86_64.rpm python-psycopg2-doc-2.0.13-2.el6_1.1.x86_64.rpm python-qpid-qmf-0.10-10.el6.x86_64.rpm python-rhsm-0.95.14-1.el6_1.noarch.rpm qemu-img-0.12.1.2-2.160.el6_1.3.x86_64.rpm qemu-img-0.12.1.2-2.160.el6_1.6.x86_64.rpm qemu-kvm-0.12.1.2-2.160.el6_1.3.x86_64.rpm qemu-kvm-0.12.1.2-2.160.el6_1.6.x86_64.rpm qemu-kvm-tools-0.12.1.2-2.160.el6_1.3.x86_64.rpm qemu-kvm-tools-0.12.1.2-2.160.el6_1.6.x86_64.rpm qpid-cpp-client-0.10-6.el6.i686.rpm qpid-cpp-client-0.10-6.el6.x86_64.rpm qpid-cpp-client-devel-0.10-6.el6.x86_64.rpm qpid-cpp-client-devel-docs-0.10-6.el6.noarch.rpm qpid-cpp-client-rdma-0.10-6.el6.x86_64.rpm qpid-cpp-client-ssl-0.10-6.el6.i686.rpm qpid-cpp-client-ssl-0.10-6.el6.x86_64.rpm qpid-cpp-server-0.10-6.el6.i686.rpm qpid-cpp-server-0.10-6.el6.x86_64.rpm qpid-cpp-server-cluster-0.10-6.el6.x86_64.rpm qpid-cpp-server-devel-0.10-6.el6.x86_64.rpm qpid-cpp-server-rdma-0.10-6.el6.x86_64.rpm qpid-cpp-server-ssl-0.10-6.el6.x86_64.rpm qpid-cpp-server-store-0.10-6.el6.x86_64.rpm qpid-cpp-server-xml-0.10-6.el6.x86_64.rpm qpid-qmf-0.10-10.el6.i686.rpm qpid-qmf-0.10-10.el6.x86_64.rpm qpid-qmf-devel-0.10-10.el6.x86_64.rpm qpid-tools-0.10-5.el6.noarch.rpm rgmanager-3.0.12-11.el6_1.1.x86_64.rpm rh-qpid-cpp-tests-0.10-6.el6.x86_64.rpm rmt-0.4-0.6.b42.el6.x86_64.rpm rsyslog-4.6.2-3.el6_1.1.x86_64.rpm rsyslog-gnutls-4.6.2-3.el6_1.1.x86_64.rpm rsyslog-gssapi-4.6.2-3.el6_1.1.x86_64.rpm rsyslog-mysql-4.6.2-3.el6_1.1.x86_64.rpm rsyslog-pgsql-4.6.2-3.el6_1.1.x86_64.rpm rsyslog-relp-4.6.2-3.el6_1.1.x86_64.rpm ruby-qpid-qmf-0.10-10.el6.i686.rpm ruby-qpid-qmf-0.10-10.el6.x86_64.rpm sssd-1.5.1-34.el6_1.1.x86_64.rpm sssd-1.5.1-34.el6_1.2.x86_64.rpm sssd-client-1.5.1-34.el6_1.1.i686.rpm sssd-client-1.5.1-34.el6_1.1.x86_64.rpm sssd-client-1.5.1-34.el6_1.2.i686.rpm sssd-client-1.5.1-34.el6_1.2.x86_64.rpm sssd-tools-1.5.1-34.el6_1.1.x86_64.rpm sssd-tools-1.5.1-34.el6_1.2.x86_64.rpm star-1.5-11.el6.x86_64.rpm subscription-manager-0.95.14-1.el6_1.x86_64.rpm subscription-manager-0.95.17-1.el6_1.x86_64.rpm subscription-manager-firstboot-0.95.14-1.el6_1.x86_64.rpm subscription-manager-firstboot-0.95.17-1.el6_1.x86_64.rpm subscription-manager-gnome-0.95.14-1.el6_1.x86_64.rpm subscription-manager-gnome-0.95.17-1.el6_1.x86_64.rpm swig-1.3.40-6.el6.x86_64.rpm swig-doc-1.3.40-6.el6.noarch.rpm telnet-0.17-47.el6.x86_64.rpm telnet-server-0.17-47.el6.x86_64.rpm vdsm-4.9-63.el6.x86_64.rpm vdsm-cli-4.9-63.el6.x86_64.rpm vdsm-debug-plugin-4.9-63.el6.x86_64.rpm vdsm-hook-faqemu-4.9-63.el6.x86_64.rpm vdsm-hook-vhostmd-4.9-63.el6.x86_64.rpm vdsm-reg-4.9-63.el6.x86_64.rpm which-2.19-6.el6.x86_64.rpm yum-rhn-plugin-0.9.1-26.el6_1.1.noarch.rpm zlib-1.2.3-26.el6.i686.rpm zlib-1.2.3-26.el6.x86_64.rpm zlib-devel-1.2.3-26.el6.i686.rpm zlib-devel-1.2.3-26.el6.x86_64.rpm zlib-static-1.2.3-26.el6.x86_64.rpm -Connie Sieh -Troy Dawson Date: Tue, 2 Aug 2011 11:09:38 -0500 Reply-To: Troy Dawson Sender: Security Errata for Scientific Linux From: Troy Dawson Subject: Security ERRATA Moderate: foomatic on SL6.x i386/x86_64 Comments: To: "This email address is being protected from spambots. You need JavaScript enabled to view it." MIME-Version: 1.0 Synopsis: Moderate: foomatic security update Issue Date: 2011-08-01 CVE Numbers: CVE-2011-2964 Foomatic is a comprehensive, spooler-independent database of printers, printer drivers, and driver descriptions. The package also includes spooler-independent command line interfaces to manipulate queues and to print files and manipulate print jobs. foomatic-rip is a print filter written in C. An input sanitization flaw was found in the foomatic-rip print filter. An attacker could submit a print job with the username, title, or job options set to appear as a command line option that caused the filter to use a specified PostScript printer description (PPD) file, rather than the administrator-set one. This could lead to arbitrary code execution with the privileges of the "lp" user. (CVE-2011-2964) All foomatic users shouldupgrade to this updated package, which contains a backported patch to resolve this issue. SL6: i386 foomatic-4.0.4-1.el6_1.1.i686.rpm x86_64 foomatic-4.0.4-1.el6_1.1.x86_64.rpm - Scientific Linux Development Team . Critical updates for Foomatic on Scientific Linux SL 6.x patched a flaw in input validation that had the potential to enable remote code execution.. Foomatic,SciLinux,Security Advisory. . LinuxSecurity.com Team

Calendar 2 Aug 02, 2011 Scientific Linux
Banner 3 1028x280 1708121785 1771599793
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisoryarbitrary code executionRed Hat Enterprise Linux

Red Hat Enterprise Linux 6: RHSA-2011:1110-01 Moderate: Foomatic Input Flaw

An updated foomatic package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: foomatic security update Advisory ID: RHSA-2011:1110-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2011:1110.html Issue date: 2011-08-01 CVE Names: CVE-2011-2964 ==================================================================== 1. Summary: An updated foomatic package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 3. Description: Foomatic is a comprehensive, spooler-independent database of printers, printer drivers, and driver descriptions. The package also includes spooler-independent command line interfaces to manipulate queues and to print files and manipulate print jobs. foomatic-rip is a print filter written in C. An input sanitization flaw was found in the foomatic-rip print filter. An attacker could submit a print job with the username, title, or job options set to appear as a command line option that caused the filter to use a specified PostScript printer description (PPD) file, rather than the administrator-set one. This could lead toarbitrary code execution with the privileges of the "lp" user. (CVE-2011-2964) All foomatic users should upgrade to this updated package, which contains a backported patch to resolve this issue. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 727016 - CVE-2011-2964 foomatic: Improper sanitization of command line option in foomatic-rip (foomatic.c) 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: i386: foomatic-4.0.4-1.el6_1.1.i686.rpm foomatic-debuginfo-4.0.4-1.el6_1.1.i686.rpm x86_64: foomatic-4.0.4-1.el6_1.1.x86_64.rpm foomatic-debuginfo-4.0.4-1.el6_1.1.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: x86_64: foomatic-4.0.4-1.el6_1.1.x86_64.rpm foomatic-debuginfo-4.0.4-1.el6_1.1.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: i386: foomatic-4.0.4-1.el6_1.1.i686.rpm foomatic-debuginfo-4.0.4-1.el6_1.1.i686.rpm ppc64: foomatic-4.0.4-1.el6_1.1.ppc64.rpm foomatic-debuginfo-4.0.4-1.el6_1.1.ppc64.rpm s390x: foomatic-4.0.4-1.el6_1.1.s390x.rpm foomatic-debuginfo-4.0.4-1.el6_1.1.s390x.rpm x86_64: foomatic-4.0.4-1.el6_1.1.x86_64.rpm foomatic-debuginfo-4.0.4-1.el6_1.1.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: i386: foomatic-4.0.4-1.el6_1.1.i686.rpm foomatic-debuginfo-4.0.4-1.el6_1.1.i686.rpm x86_64: foomatic-4.0.4-1.el6_1.1.x86_64.rpm foomatic-debuginfo-4.0.4-1.el6_1.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://access.redhat.com/security/cve/CVE-2011-2964 https://access.redhat.com/security/updates/classification#moderate 8. Contact: The Red Hat security contact is . Morecontact details at https://access.redhat.com/security/team/contact Copyright 2011 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFONs05XlSAg2UNWIIRAgE/AJsGGKR1uIQ+GzkjlmcfItGwez5r0gCfcE0I sJD4vwC0vmSxKkcT47domB4=OGdu -----END PGP SIGNATURE----- -- Enterprise-watch-list mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Patch released for foomatic to remedy a vulnerability, classified as moderate risk. Attention needed for Red Hat clients.. Foomatic Update, Red Hat Security Advisory, Input Flaw, Code Execution Issue. . LinuxSecurity.com Team

Calendar 2 Aug 01, 2011 Red Hat
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorymoderatesecurity update

Red Hat: RHSA-2011-1109-01 Moderate: Foomatic Input Sanitization Risk

An updated foomatic package that fixes one security issue is now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: foomatic security update Advisory ID: RHSA-2011:1109-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2011:1109.html Issue date: 2011-08-01 CVE Names: CVE-2011-2697 ==================================================================== 1. Summary: An updated foomatic package that fixes one security issue is now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Description: Foomatic is a comprehensive, spooler-independent database of printers, printer drivers, and driver descriptions. The package also includes spooler-independent command line interfaces to manipulate queues and to print files and manipulate print jobs. foomatic-rip is a print filter written in Perl. An input sanitization flaw was found in the foomatic-rip print filter. An attacker could submit a print job with the username, title, or job options set to appearas a command line option that caused the filter to use a specified PostScript printer description (PPD) file, rather than the administrator-set one. This could lead to arbitrary code execution with the privileges of the "lp" user. (CVE-2011-2697) All foomatic users should upgrade to this updated package, which contains a backported patch to resolve this issue. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 721001 - CVE-2011-2697 foomatic: Improper sanitization of command line option in foomatic-rip 6. Package List: Red Hat Enterprise Linux AS version 4: Source: i386: foomatic-3.0.2-3.2.el4.i386.rpm foomatic-debuginfo-3.0.2-3.2.el4.i386.rpm ia64: foomatic-3.0.2-3.2.el4.ia64.rpm foomatic-debuginfo-3.0.2-3.2.el4.ia64.rpm ppc: foomatic-3.0.2-3.2.el4.ppc.rpm foomatic-debuginfo-3.0.2-3.2.el4.ppc.rpm s390: foomatic-3.0.2-3.2.el4.s390.rpm foomatic-debuginfo-3.0.2-3.2.el4.s390.rpm s390x: foomatic-3.0.2-3.2.el4.s390x.rpm foomatic-debuginfo-3.0.2-3.2.el4.s390x.rpm x86_64: foomatic-3.0.2-3.2.el4.x86_64.rpm foomatic-debuginfo-3.0.2-3.2.el4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: Source: i386: foomatic-3.0.2-3.2.el4.i386.rpm foomatic-debuginfo-3.0.2-3.2.el4.i386.rpm x86_64: foomatic-3.0.2-3.2.el4.x86_64.rpm foomatic-debuginfo-3.0.2-3.2.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4: Source: i386: foomatic-3.0.2-3.2.el4.i386.rpm foomatic-debuginfo-3.0.2-3.2.el4.i386.rpm ia64: foomatic-3.0.2-3.2.el4.ia64.rpm foomatic-debuginfo-3.0.2-3.2.el4.ia64.rpm x86_64: foomatic-3.0.2-3.2.el4.x86_64.rpm foomatic-debuginfo-3.0.2-3.2.el4.x86_64.rpm Red Hat Enterprise Linux WS version4: Source: i386: foomatic-3.0.2-3.2.el4.i386.rpm foomatic-debuginfo-3.0.2-3.2.el4.i386.rpm ia64: foomatic-3.0.2-3.2.el4.ia64.rpm foomatic-debuginfo-3.0.2-3.2.el4.ia64.rpm x86_64: foomatic-3.0.2-3.2.el4.x86_64.rpm foomatic-debuginfo-3.0.2-3.2.el4.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 5 client): Source: i386: foomatic-3.0.2-38.3.el5_7.1.i386.rpm foomatic-debuginfo-3.0.2-38.3.el5_7.1.i386.rpm x86_64: foomatic-3.0.2-38.3.el5_7.1.x86_64.rpm foomatic-debuginfo-3.0.2-38.3.el5_7.1.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: i386: foomatic-3.0.2-38.3.el5_7.1.i386.rpm foomatic-debuginfo-3.0.2-38.3.el5_7.1.i386.rpm ia64: foomatic-3.0.2-38.3.el5_7.1.ia64.rpm foomatic-debuginfo-3.0.2-38.3.el5_7.1.ia64.rpm ppc: foomatic-3.0.2-38.3.el5_7.1.ppc.rpm foomatic-debuginfo-3.0.2-38.3.el5_7.1.ppc.rpm s390x: foomatic-3.0.2-38.3.el5_7.1.s390x.rpm foomatic-debuginfo-3.0.2-38.3.el5_7.1.s390x.rpm x86_64: foomatic-3.0.2-38.3.el5_7.1.x86_64.rpm foomatic-debuginfo-3.0.2-38.3.el5_7.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://access.redhat.com/security/cve/CVE-2011-2697 https://access.redhat.com/security/updates/classification#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2011 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFONszpXlSAg2UNWIIRAmE0AJ4q5rI9jCjDajGtFU74G4jiy/uSCwCfTQIF 1DChAaSq+bEwVioJu13GziM=+/8E -----END PGP SIGNATURE----- -- Enterprise-watch-list mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Ubuntu issued a significant security patch for cups-filters addressing a severe vulnerability. Update now for protection!. Foomatic Update, Red Hat Advisory, Security Issue, Package Upgrade, Printer Drivers. . LinuxSecurity.com Team

Calendar 2 Aug 01, 2011 Red Hat
Banner 3 1028x280 1708121785 1771599793
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorysecurity updatecode execution

Red Hat: RHSA-2011:1110-01 Moderate: Foomatic Code Execution

An updated foomatic package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate [More...]. ==================================================================== Red Hat Security Advisory Synopsis: Moderate: foomatic security update Advisory ID: RHSA-2011:1110-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2011:1110.html Issue date: 2011-08-01 CVE Names: CVE-2011-2964 ==================================================================== 1. Summary: An updated foomatic package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 3. Description: Foomatic is a comprehensive, spooler-independent database of printers, printer drivers, and driver descriptions. The package also includes spooler-independent command line interfaces to manipulate queues and to print files and manipulate print jobs. foomatic-rip is a print filter written in C. An input sanitization flaw was found in the foomatic-rip print filter. An attacker could submit a print job with the username, title, or job options set to appear as a command line option that caused the filter to use a specified PostScript printer description (PPD) file, rather than the administrator-set one. This could lead to arbitrary code execution with the privileges of the "lp" user. (CVE-2011-2964) All foomatic users should upgradeto this updated package, which contains a backported patch to resolve this issue. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 727016 - CVE-2011-2964 foomatic: Improper sanitization of command line option in foomatic-rip (foomatic.c) 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: i386: foomatic-4.0.4-1.el6_1.1.i686.rpm foomatic-debuginfo-4.0.4-1.el6_1.1.i686.rpm x86_64: foomatic-4.0.4-1.el6_1.1.x86_64.rpm foomatic-debuginfo-4.0.4-1.el6_1.1.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: x86_64: foomatic-4.0.4-1.el6_1.1.x86_64.rpm foomatic-debuginfo-4.0.4-1.el6_1.1.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: i386: foomatic-4.0.4-1.el6_1.1.i686.rpm foomatic-debuginfo-4.0.4-1.el6_1.1.i686.rpm ppc64: foomatic-4.0.4-1.el6_1.1.ppc64.rpm foomatic-debuginfo-4.0.4-1.el6_1.1.ppc64.rpm s390x: foomatic-4.0.4-1.el6_1.1.s390x.rpm foomatic-debuginfo-4.0.4-1.el6_1.1.s390x.rpm x86_64: foomatic-4.0.4-1.el6_1.1.x86_64.rpm foomatic-debuginfo-4.0.4-1.el6_1.1.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: i386: foomatic-4.0.4-1.el6_1.1.i686.rpm foomatic-debuginfo-4.0.4-1.el6_1.1.i686.rpm x86_64: foomatic-4.0.4-1.el6_1.1.x86_64.rpm foomatic-debuginfo-4.0.4-1.el6_1.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://access.redhat.com/security/cve/CVE-2011-2964 https://access.redhat.com/security/updates/classification#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2011 Red Hat, Inc. . Canonical hasissued a significant security patch for the cups package, addressing a major printing vulnerability.. Foomatic Security, Red Hat Enterprise Update, Code Execution Fix. . LinuxSecurity.com Team

Calendar 2 Aug 01, 2011 Red Hat
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorymoderatecode execution

Red Hat: RHSA-2011:1109-01 Moderate: Foomatic Print Filter Update

An updated foomatic package that fixes one security issue is now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate [More...]. ==================================================================== Red Hat Security Advisory Synopsis: Moderate: foomatic security update Advisory ID: RHSA-2011:1109-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2011:1109.html Issue date: 2011-08-01 CVE Names: CVE-2011-2697 ==================================================================== 1. Summary: An updated foomatic package that fixes one security issue is now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Description: Foomatic is a comprehensive, spooler-independent database of printers, printer drivers, and driver descriptions. The package also includes spooler-independent command line interfaces to manipulate queues and to print files and manipulate print jobs. foomatic-rip is a print filter written in Perl. An input sanitization flaw was found in the foomatic-rip print filter. An attacker could submit a print job with the username, title, or job options set to appear as a command line option that caused the filter to use a specified PostScript printer description (PPD) file,rather than the administrator-set one. This could lead to arbitrary code execution with the privileges of the "lp" user. (CVE-2011-2697) All foomatic users should upgrade to this updated package, which contains a backported patch to resolve this issue. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 721001 - CVE-2011-2697 foomatic: Improper sanitization of command line option in foomatic-rip 6. Package List: Red Hat Enterprise Linux AS version 4: Source: i386: foomatic-3.0.2-3.2.el4.i386.rpm foomatic-debuginfo-3.0.2-3.2.el4.i386.rpm ia64: foomatic-3.0.2-3.2.el4.ia64.rpm foomatic-debuginfo-3.0.2-3.2.el4.ia64.rpm ppc: foomatic-3.0.2-3.2.el4.ppc.rpm foomatic-debuginfo-3.0.2-3.2.el4.ppc.rpm s390: foomatic-3.0.2-3.2.el4.s390.rpm foomatic-debuginfo-3.0.2-3.2.el4.s390.rpm s390x: foomatic-3.0.2-3.2.el4.s390x.rpm foomatic-debuginfo-3.0.2-3.2.el4.s390x.rpm x86_64: foomatic-3.0.2-3.2.el4.x86_64.rpm foomatic-debuginfo-3.0.2-3.2.el4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: Source: i386: foomatic-3.0.2-3.2.el4.i386.rpm foomatic-debuginfo-3.0.2-3.2.el4.i386.rpm x86_64: foomatic-3.0.2-3.2.el4.x86_64.rpm foomatic-debuginfo-3.0.2-3.2.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4: Source: i386: foomatic-3.0.2-3.2.el4.i386.rpm foomatic-debuginfo-3.0.2-3.2.el4.i386.rpm ia64: foomatic-3.0.2-3.2.el4.ia64.rpm foomatic-debuginfo-3.0.2-3.2.el4.ia64.rpm x86_64: foomatic-3.0.2-3.2.el4.x86_64.rpm foomatic-debuginfo-3.0.2-3.2.el4.x86_64.rpm Red Hat Enterprise Linux WS version4: Source: i386: foomatic-3.0.2-3.2.el4.i386.rpm foomatic-debuginfo-3.0.2-3.2.el4.i386.rpm ia64: foomatic-3.0.2-3.2.el4.ia64.rpm foomatic-debuginfo-3.0.2-3.2.el4.ia64.rpm x86_64: foomatic-3.0.2-3.2.el4.x86_64.rpm foomatic-debuginfo-3.0.2-3.2.el4.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 5 client): Source: i386: foomatic-3.0.2-38.3.el5_7.1.i386.rpm foomatic-debuginfo-3.0.2-38.3.el5_7.1.i386.rpm x86_64: foomatic-3.0.2-38.3.el5_7.1.x86_64.rpm foomatic-debuginfo-3.0.2-38.3.el5_7.1.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: i386: foomatic-3.0.2-38.3.el5_7.1.i386.rpm foomatic-debuginfo-3.0.2-38.3.el5_7.1.i386.rpm ia64: foomatic-3.0.2-38.3.el5_7.1.ia64.rpm foomatic-debuginfo-3.0.2-38.3.el5_7.1.ia64.rpm ppc: foomatic-3.0.2-38.3.el5_7.1.ppc.rpm foomatic-debuginfo-3.0.2-38.3.el5_7.1.ppc.rpm s390x: foomatic-3.0.2-38.3.el5_7.1.s390x.rpm foomatic-debuginfo-3.0.2-38.3.el5_7.1.s390x.rpm x86_64: foomatic-3.0.2-38.3.el5_7.1.x86_64.rpm foomatic-debuginfo-3.0.2-38.3.el5_7.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://access.redhat.com/security/cve/CVE-2011-2697 https://access.redhat.com/security/updates/classification#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2011 Red Hat, Inc. . Foomatic patch for Red Hat Enterprise Linux resolves an input validation vulnerability rated as medium risk.. Foomatic Update, Red Hat Security, Code Execution Fix, Print Filter Security. . LinuxSecurity.com Team

Calendar 2 Aug 01, 2011 Red Hat
Banner 3 1028x280 1708121785 1771599793
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here